<?php
//////////////////////////////////////
// Class Registration System  		//
// CPSC 462					      	//
// Form Handler						//
// Trent Robbins & Richard Heywood  //
//////////////////////////////////////

/*Set up variables*/
date_default_timezone_set('America/New_York');
include('Website.class.php');
$body = '';
$page = new Website();

/*Connect to the database*/
$page->dbConnect();

/*Set up as a switch to allow the addition of more forms in the future*/
switch ($_POST['form']) { 
	/*case 0 matches to the loginForm*/
	case '0':
		/*First make sure both input fields were filled in*/
		if(isset($_POST['uname']) && isset($_POST['pwd']) && $_POST['uname']!='' && $_POST['pwd']!='' ){
			/*Make sure the given username is in the db*/
			$username = $_POST['uname'];
			$queryResult = mysql_query("(SELECT username, userType FROM Student WHERE username='{$username}') UNION 
										(SELECT username, userType FROM Admin WHERE username='{$username}')") or die("Mysql Error");
			$rowData = mysql_fetch_assoc($queryResult);
			$uType = $rowData['userType'];
			if($rowData['username']==$username){
				/*since the username is valid, now check the password*/
				$password = $_POST['pwd'];
				$queryResult2 = mysql_query("(SELECT `password`, `id` FROM Student WHERE `username`='{$username}' AND `password`='{$password}')
											  UNION
											 (SELECT `password`, `id` FROM Admin WHERE `username`='{$username}' AND `password`='{$password}')") or die("Mysql Error");
				$pwdValid = mysql_fetch_assoc($queryResult2);
				
				if($pwdValid['password']==$password){
					/*Both username and password are valid, check userType and reroute to main page*/
					if($uType=='Student'){
						header ("Location: http://pba.cs.clemson.edu/~f10t06/mainPage.php?studId={$pwdValid['id']}&userType={$uType}");
						exit ();
					}
					elseif($uType=='Admin'){
						header ("Location: http://pba.cs.clemson.edu/~f10t06/adminMainPage.php?admId={$pwdValid['id']}&userType={$uType}&uname=$username");
						exit ();
					}
					
				}
				else{
					$body .= "<span class='error'>Invalid Password</span><br /><br />";
				}
			}
			else{
				$body .= "<span class='error'>Invalid Username</span<br /><br />";
			}
		}
		else{
			$body .= "<span class='error'>Please enter both a username and password.</span><br /><br />";
		}
		break;
	/*Drop/Add/Request Button Handler*/
	case '1':
		$studId = $_POST['studId'];
		$courseCode = $_POST['courseCode'];
		$section = $_POST['sectionID'];
		$err = "Student Id: $studId<br /> Code: $courseCode<br /> Section: $section<br /> btype: {$_POST['btype']}<br /> ";
		if($_POST['btype']=='Drop'){
			//echo $err;
			$page->dropSection($courseCode, $section, $studId);
		}
		elseif($_POST['btype']=='UnRequest'){
			//echo $err;
			$page->unRequestSection($courseCode, $section, $studId);
		}
		elseif($_POST['btype']=='Add'){
			//echo $err;
			$page->addSection($courseCode, $section, $studId);
		}
		elseif($_POST['btype']=='Request'){
			//echo $err;
			$page->requestSection($courseCode, $section, $studId);
		}
		/*Redirects to or refreshes the main page*/
		header ("Location: http://pba.cs.clemson.edu/~f10t06/mainPage.php?studId=$studId");
		exit ();
		break;
	/*Add New User Handler*/
	case '2':
		$studentInfo = array();
		$studentInfo[] = $_POST['fname'];
		$studentInfo[] = $_POST['lname'];
		$studentInfo[] = $_POST['uname'];
		$studentInfo[] = $_POST['year'];
		$studentInfo[] = $_POST['major'];
		$studentInfo[] = $_POST['pwd'];
		$studentInfo[] = $_POST['hoursLimit'];
		$studentInfo[] = $_POST['enroll'];
		$page->addNewUser($_POST);
		echo "User {$_POST['fname']} {$_POST['lname']} successfully added.<br /><br />";
		
		break;
	case '3':
		$page->deleteUser($_POST[userId]);
		header ("Location: http://pba.cs.clemson.edu/~f10t06/adminMainPage.php?admId=0&userType=Admin&uname=admin&func=U&act=edit'");
		exit ();
		break;
	case '4':
		$page->updateUser($_POST);
		echo "User {$_POST['fname']} {$_POST['lname']} successfully Updated.<br /><br />";
		break;
	default: // Invalid Type
		header("HTTP/1.0 504 Invalid Form Type. Please go back and try again."); die;
		break;
}

/*Close this connection to the database*/
$page->dbCloseConnect();

/*If the login was unsuccessful, print an error message on the login page*/
echo $body;
?>